Add to collection(s) Add to saved
  1. Social Science
  2. Psychology
  3. Social Psychology

Guidelines for Internet

advertisement 
GUIDELINE FOR INTERNET-BASED RESEARCH
This guidance document is intended for researchers conducting recruitment, informed consent, and/or
data collection procedures over the internet.
Table of Contents
A. Introduction
B. Specific Guidance
1. Recruitment
2. Informed Consent
3. Data Collection
4. Data Security
C. Glossary of Terms
A. Introduction
Internet-based research is becoming commonplace because it is a quick and easy way to gain access to a
large number of participants. Observations, interventions, and analysis of existing data are commonly
used methods of internet-based research. While this may be good news for investigators, internetbased research raises difficult issues concerning human participant protection in the application of
federal guidelines and ethical principles.
Topics such as privacy, confidentiality, recruitment, and informed consent become complicated when
research is conducted online. The purpose of this guideline is to provide information on a variety of
issues relating to internet-based research and to help investigators design studies that are in line with
Canadian federal guidelines, specifically the Tri-Council Policy Statement on Ethical Conduct of Research
Involving Humans - the TCPS2.
B. Specific Guidance
1. Recruitment
a) Internet-based procedures for advertising and recruiting potential participants must follow the
TCPS2 guidelines for recruitment that apply to any traditional media, such as flyers and newspaper ads.
Examples of internet-based recruitment methods include emails, online advertising, social media and
chatroom postings and use of online recruitment sources such as MTurk. These texts and a strategy for
their distribution must be submitted for review and approval by the REB before use in the field.
b) The proper identification and qualification of participants is a challenge in internet-based research.
Without face-to-face or voice-to-voice interaction, it’s difficult for investigators to be sure that
participants are not misrepresenting themselves. In certain situations investigators should discuss
measures taken to authenticate participants. These situations may include studies for which
U/REB SOPS/GUIDELINE FOR INTERNET RESEARCH.DOCX
1
authentication of participants is important to the validity of the data or that consist of particularly
sensitive topics. Examples of such measures include:
i. Providing each study participant (in person or by Canada Post mail) with a Personal
Identification Number (PIN) to be used for authentication in subsequent computer-and internet-based
data collection. In this example, the PIN used must not be one that could be used by others to identify
the individual (e.g. social insurance number, phone number, birth date, etc.).
ii. Minors may be screened out by checking for internet monitoring software such as SafeSurf
and RSACi rating or using Adult Check systems. This may be necessary if the study presents more than
minimal risk to subjects or asks particularly sensitive questions. Investigators may want to increase the
validity of their study by screening out minors if their research is focused on adult participants. On the
other hand, in most studies involving no greater than minimal risk, the informed consent document may
simply ask participants to confirm that they are the appropriate age of majority.
2. Informed Consent
a)
Investigators conducting internet based research must follow the TCPS2 informed consent
guidelines and include required elements of informed consent when generating consent documents
When online surveys are employed, the Ryerson template for online surveys may be adapted.
Investigators conducting research that qualifies for exempt review should refer to the Ryerson
guidelines on exempt research for information regarding informed consent.
b)
In general, investigators conducting internet-based research with minors must obtain both child
assent and parent permission. Researchers may request a waiver of parent permission provided the
study fits the appropriate criteria.
c)
The REB generally accepts the use of "I agree" or "I do not agree" buttons (or other electronic
methods for indicating affirmative consent) on online pages in lieu of signatures. For surveys sent to
and returned by participants through email, investigators should include a consent document and
inform participants that submitting the completed survey indicates their consent. This would constitute
unsigned consent. In order to utilize this consent procedure, the investigator must request a waiver of
documented consent when applying for REB approval.
d)
If the REB determines that documented consent is required, the consent form may be mailed or
emailed to the participant who can then print and sign the form and return it to investigators via email,
postal mail, or fax.
e)
The process of requesting consent should not disrupt normal group activity. Researchers need
to be particularly sensitive of this when entering online communities and chatrooms as the process of
requesting consent is often perceived as disruptive. If seeking informed consent will harm the validity of
a study or make the research impracticable, it may be possible to obtain a waiver of consent provided
the study meets the appropriate criteria. When requesting a waiver of informed consent, issues
regarding deception or incomplete disclosure may need to be addressed in the researcher’s protocol
application.
U/REB SOPS/GUIDELINE FOR INTERNET RESEARCH.DOCX
2
f)
Personas, or avatars, are social identities that internet users establish in online communities
and websites. These personas allow individuals to reveal varying levels of personal information and also
allow them to navigate the virtual world as a particular character or alter-ego. Names of internet
personas (characters or avatars) or real names may be used in reports and publications only with
consent from the participating individual (see Data Security below for more information). In these
situations, specific language concerning the release of identifiable information must be included in the
informed consent document and specific consent must be sought from subjects for this release. If
research participants give consent to be identified, data must still be secured properly to avoid any
misuse by a third party.
g)
Collecting data over the internet can increase potential risks to confidentiality because of the
frequent involvement of third party sites and the risk of third party interception when transmitting data
across a network. For example, when using a third party website to administer surveys, the website
might store collected data on backups or server logs beyond the timeframe of the research project. In
addition, third party sites may have their own security measures that do not match those of the
investigators’ (see Additional Considerations below for more information). Participants should be
informed of these potential risks in the informed consent document. For example:
i. “Although every reasonable effort has been taken, confidentiality during actual Internet
communication procedures cannot be guaranteed.”
ii. “Your confidentiality will be kept to the degree permitted by the technology being used. No
guarantees can be made regarding the interception of data sent via the Internet by any third parties.”
iii. “Data may exist on backups or server logs beyond the timeframe of this research project.”
3. Data Collection
Internet-based data collection methods can range from the use of existing data and observations to
interventions and survey/interview procedures.
a) Existing Data
Research utilizing data that are both existing and public is not considered human participant research
and does not require REB review. Data only accessible through special permission are generally not
considered public. However, if steps are required to access data (e.g. registration/login, payment, etc.,)
but access is not restricted beyond these steps (e.g. anyone who creates a username and password can
access the data) the data may qualify as publicly available. When determining whether or not data are
public, the investigator must decide if there exists an expectation of privacy. If it’s determined that the
data were not intended for public use, even if the data are technically available to the public, the data
should be considered private. For example, data available on Wikileaks were technically public but
included information about individuals who did not authorize the release of such data
(http://en.wikipedia.org/wiki/WikiLeaks). Researchers accessing data which contain identifiers and are
not publicly available must obtain REB review and approval.
U/REB SOPS/GUIDELINE FOR INTERNET RESEARCH.DOCX
3
b) Observations
Article 2.2 of the TCPS2 notes that “Research that relies exclusively on publicly available information
does not require REB review when: (a) the information is legally accessible to the public and
appropriately protected by law; OR (b) the information is publicly accessible and there is no reasonable
expectation of privacy.”
When online research procedures are employed, the investigator must be sensitive to the definition of
public behavior.
Despite navigating in a public space, an individual may have an expectation of privacy, and investigators
need to be sensitive to that expectation. For example, an investigator wishes to collect data from
discussions posted in an online community support group for substance abusers. The online community
is technically public, in that anyone can view the discussions and join the group, but some group
participants are there to provide personal experiences and support regarding substance abuse and may
believe that all discussions and personally identifiable information will remain private.
Research in spaces that are not public or that maintain an expectation of privacy must be reviewed by
the REB. In order to make this determination, it’s important that investigators be familiar with the
online space in which they intend to conduct research. Not only do investigators need to have an
insider’s viewpoint in order to know whether or not participants have an expectation of privacy, but
investigators will often be met with hostility if they are not sensitive to the online community’s
expectations. Participants of an online community may see the presence of a researcher as intrusive.
If an investigator has prior experience in an online community and is already known to its participants,
the researcher may have a better chance of being welcomed into the space.
c) Chatrooms
When navigating in a chatroom, it is important that those present are able to let the researcher know if
they are not comfortable with the researcher’s presence and that the researcher respects these wishes.
Because access to chatrooms can prove difficult for investigators and chatroom participants are not
always eager to have a researcher in their midst, one suggested technique is for investigators to create
their own chatrooms just for research purposes. Investigators can greet individuals joining the chatroom
with a message informing them about the study and asking them for their informed consent. This is a
good way to be sure that all participants are fully aware of the research and have consented to
participate.
d) Surveys
Survey research is one of the most common forms of internet-based research. Researchers are advised
to format survey instruments in a way that will allow participants to refuse to answer specific questions.
For example, the list of responses can include an option such as, “Decline to answer.” In addition,
participants must always be given the option to withdraw from a study, even while in the middle of a
survey. Use of SurveyMonkey.com, Psychsurveys.org, Mechanical Turk, and other online survey tools is
permitted for most minimal risk studies employing online survey procedures. Investigators should
review confidentiality measures and data security policies for the given online survey tool and make
sure that they are described in the protocol. If security measures are not in line with what the CPHS
requires, use of the given survey company may not be approved. Research participants also need to be
informed of data security measures.
U/REB SOPS/GUIDELINE FOR INTERNET RESEARCH.DOCX
4
e) Interviews
Conducting interviews online allows researchers to gather information from participants who would
have been difficult to contact otherwise, such as a very geographically dispersed population. Interviews
may be conducted over the internet using email or chat technology such as Google Chat, AOL instant
messenger, Yahoo! messenger, etc. When conversing with a research participant via online chat,
investigators should take into account the inability to read visual and auditory cues, which can lead to
possible misinterpretation of both questions and responses. Voice intonation and facial expressions are
often used to convey meaning. Thus, investigators may need to ask clarifying questions in order to
accurately interpret responses, and provide additional information in order to be sure that participants
understand the questions.
g) Additional Considerations
i.
When recording material that would otherwise be temporarily posted online, consideration
should be given to whether the act of recording this information potentially creates risks for
participants. For example, information is, at times, posted on the internet by a third party without the
consent of the involved individuals. If a study is likely to record illegal or socially undesirable activity, the
investigator should judge whether or not recording this information would create risk for the subjects
and, if so, reconsider using or retaining the data.
ii.
Investigators should make sure to review any applicable Terms of Service (TOS). TOS outlines
the rules a person or organization must observe in order to use a service. Internet service providers
(ISPs) and all websites that store personal data for a user have TOS; in particular, social networking sites,
online auctions and financial transaction sites.
4. Data Security
Investigators must consider additional data-security issues when conducting internet-based research.
a) Researchers must take special care to treat online identities (personas or avatars) and their
corresponding character names just like real ones. People care about the reputation of their personas
and these aliases can usually be traced back to real-world names.
b) Even when it is not the intention of the researcher to collect identifiable information, internet
protocol (IP) addresses can easily be used to identify respondents. Proper confidentiality measures need
to be in place in order to protect the subjects’ identity. These measures include password-protection
and encryption.
c) All identifiable or coded data transmitted over the internet must be encrypted. This helps ensure that
any data intercepted during transmission cannot be decoded and that individual responses cannot be
traced back to an individual respondent. It is important to note that encryption standards vary from
country to country and there are legal restrictions regarding the export of certain encryption software
outside Canadian boundaries. It is the investigator’s responsibility to research possible restrictions and
revise data security measures accordingly.
U/REB SOPS/GUIDELINE FOR INTERNET RESEARCH.DOCX
5
d) The level of security should be appropriate to the risk. For most research, standard security measures
like encryption will suffice. However, research involving particularly sensitive topics may require
additional protections such as housing data on a professionally managed server.
C. Glossary of Terms (PRIM&R, 2010)
Blog: A website used as a journal; can be personal or professional in nature.
Chatroom: An online locations where individuals can come together to have text-based chat discussions
that occur in real time.
Cloud: Distant storage or data management servers typically owned and operated by a third party.
Confidentiality: Pertains to the treatment of information that an individual has disclosed in a
relationship of trust, and with the expectation that it will not be divulged without permission to others
in ways that are inconsistent with the understanding of the original disclosure.
Cookie: A text file placed on user’s computer by a website or web server. Often used to keep track of
individuals as they navigate a site, and more broadly, the web.
Encryption software: A piece of software that is used to obfuscate information to all of those who do
not have the means to decrypt the information.
Internet Protocol (IP) address: A numeric address assigned to every computer that connects to a
network, or more commonly, the internet.
IRC: Internet Relay Chat, a protocol used for hosting and participating in chatrooms.
Lurking: A behavior specific to online communities, wherein an individual remains silent, observes, and
does not participate in the community.
Online persona: An online character or avatar used by an individual.
Online survey: Any tool used to collect responses to survey questions via the internet.
Privacy: Control over the extent, timing, and circumstances of sharing oneself (physically, behaviorally,
or intellectually) with others.
Publicly available: The general public can obtain the data and they are readily available to anyone
(without special permission or application) regardless of occupation, purpose, or affiliation.
Secure website: A site that conforms to best current security practices, such as use of the Secure
HyperText Transfer Protocol (https), application of relevant patches, and sound auditing and certificate
management.
Virtual community: A group of individuals networked together through association with a virtual
environment, homepage, or other internet medium (e.g., SecondLife).
U/REB SOPS/GUIDELINE FOR INTERNET RESEARCH.DOCX
6
Related documents
To Whom It May Concern
To Whom It May Concern
Clinical Trial Quality and Compliance: An FDA Perspective
Clinical Trial Quality and Compliance: An FDA Perspective
experimental subject bill of rights
experimental subject bill of rights
ohr_asset_500525
ohr_asset_500525
Consent for Medical/Surgical Care and Treatment Cf 242 11/05
Consent for Medical/Surgical Care and Treatment Cf 242 11/05
Human Participants Research
Human Participants Research
Microsoft Word - Junior Squash PARENT CONSENT FORM
Microsoft Word - Junior Squash PARENT CONSENT FORM
You have been given information about your condition and the
You have been given information about your condition and the
Download
advertisement